<?php
	require_once("../global.php");
	require_once("../uis.php");
	require_once("../config.php");
	require_once("../functions.php");
	include("local.php");
	require_once("pcrypt.php");
		
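	// Dispatch on the requested cart action, then render the cart.
	// A plain cart view carries no "action" parameter, so read it through
	// isset() rather than indexing $_GET directly; an absent or unknown
	// action falls through to the default branch.
	// Request values are handed to the handlers exactly as received.
	// NOTE(review): add/update/remove change stored cart state from a GET
	// request, so a prefetcher or a third-party page can trigger them.
	// Moving these actions to POST with a per-session token would close that.
	switch(isset($_GET["action"]) ? $_GET["action"] : "")
	{
		case "add_item":
		{
			AddItem($_GET["id"], $_GET["qty"], $_GET["p"], $_GET["k"], $_GET["c"]);
			ShowCart();
			break;
		}
		case "update_item":
		{
			UpdateItem($_GET["id"], $_GET["qty"]);
			ShowCart();
			break;
		}
		case "remove_item":
		{
			RemoveItem($_GET["id"]);
			ShowCart();
			break;
		}
		default:
		{
			ShowCart();
		}
	}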

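	/**
	 * Add an item to the current visitor's cart, or raise its quantity when
	 * the item is already there.
	 *
	 * @param mixed $itemId Item id; must consist of decimal digits only.
	 * @param mixed $qty    Quantity to add; must consist of decimal digits only.
	 * @param mixed $p      Unit price; must be numeric.
	 * @param mixed $k      Token that has to equal encrypt($p).
	 * @param mixed $c      Token that has to equal encrypt($itemId."AAA111AAA".$p).
	 *
	 * Terminates the request with die() when a value is malformed or a token
	 * does not match.
	 */
	function AddItem($itemId, $qty, $p, $k, $c)
	{
		global $mysql;

		// Every argument arrives from the query string and used to be placed
		// into SQL unquoted. Restrict ids and quantities to digits (this also
		// rejects negative quantities, which would yield negative line totals)
		// and require the price to be numeric before anything else happens.
		if(!is_scalar($itemId) || !preg_match('/^[0-9]+\z/', (string)$itemId)){
			die("Invalid Item!");
		}
		if(!is_scalar($qty) || !preg_match('/^[0-9]+\z/', (string)$qty)){
			die("Invalid Quantity!");
		}
		if(!is_scalar($p) || !is_numeric($p)){
			die("Invalid Price!");
		}

		// Compare the tokens as strings with ===. The loose != treats two
		// numeric-looking strings as numbers, so different tokens could
		// compare equal.
		// NOTE(review): where hash_equals() is available it would also make
		// these comparisons constant-time.
		if((string)encrypt($p)!==(string)$k){
			die("Invalid Price!");
		}
		if((string)encrypt($itemId."AAA111AAA".$p)!==(string)$c){
			die("Invalid Match!");
		}

		// GetCartId() is defined elsewhere and its source is not visible from
		// here, so it is escaped before being placed inside the quoted literal.
		$cartId = mysql_real_escape_string(GetCartId());

		// One lookup answers both "is it in the cart?" and "what is the
		// current quantity?". A failed query is treated as "not in the cart".
		$lookup = mysql_query("select qty from ".$mysql['pre']."cart where cookieId = '" . $cartId . "' and itemId = $itemId");
		$existing = ($lookup !== false) ? mysql_fetch_row($lookup) : false;

		if(!$existing)
		{
			// Not in the cart yet: insert a new row. The price is escaped and
			// quoted so that its exact textual form cannot alter the statement.
			@mysql_query("insert into ".$mysql['pre']."cart(cookieId, itemId, qty, price) values('" . $cartId . "', $itemId, $qty, '" . mysql_real_escape_string($p) . "')");
		}
		else
		{
			// Already in the cart: add the requested amount to the stored one.
			UpdateItem($itemId, ($existing[0] + $qty));
		}
	}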
	
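	/**
	 * Set the quantity of an item in the current visitor's cart.
	 * A quantity of zero removes the item through RemoveItem().
	 *
	 * @param mixed $itemId Item id; must consist of decimal digits only.
	 * @param mixed $qty    New quantity; must consist of decimal digits only.
	 *
	 * Terminates the request with die() when either value is malformed.
	 */
	function UpdateItem($itemId, $qty)
	{
		global $mysql;

		// Both values end up unquoted in the UPDATE statement and can come
		// straight from the query string, so accept digits only.
		if(!is_scalar($itemId) || !preg_match('/^[0-9]+\z/', (string)$itemId)){
			die("Invalid Item!");
		}
		if(!is_scalar($qty) || !preg_match('/^[0-9]+\z/', (string)$qty)){
			die("Invalid Quantity!");
		}

		if($qty == 0)
		{
			// Remove the item from the user's cart
			RemoveItem($itemId);
			return;
		}

		// GetCartId() is defined elsewhere; escape it before it goes inside
		// the quoted literal.
		mysql_query("update ".$mysql['pre']."cart set qty = $qty where cookieId = '" . mysql_real_escape_string(GetCartId()) . "' and itemId = $itemId");
	}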
	
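	/**
	 * Delete one item from the current visitor's cart.
	 *
	 * @param mixed $itemId Item id; must consist of decimal digits only.
	 *
	 * Terminates the request with die() when the id is malformed.
	 */
	function RemoveItem($itemId)
	{
		global $mysql;

		// The id is placed unquoted into the DELETE statement and can come
		// straight from the query string, so accept digits only.
		if(!is_scalar($itemId) || !preg_match('/^[0-9]+\z/', (string)$itemId)){
			die("Invalid Item!");
		}

		// GetCartId() is defined elsewhere; escape it before it goes inside
		// the quoted literal.
		mysql_query("delete from ".$mysql['pre']."cart where cookieId = '" . mysql_real_escape_string(GetCartId()) . "' and itemId = $itemId");
	}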
	
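	/**
	 * Render the current visitor's cart as an HTML page: one table row per
	 * item with a quantity selector, the running total, and a checkout form
	 * that posts the cart contents to order.php.
	 *
	 * Takes no arguments and returns nothing; all output is written directly.
	 */
	function ShowCart()
	{
		global $config,$mysql;
		
		$totalCost = 0;

		// Load the cart once and keep the rows: the table and the checkout
		// form below both need them. A failed query is shown as an empty cart
		// instead of passing false to mysql_fetch_array().
		// GetCartId() is defined elsewhere, so it is escaped before it goes
		// inside the quoted literal.
		$rows = array();
		$result = mysql_query("select * from ".$mysql['pre']."cart inner join ".$config->dt['files']." on ".$mysql['pre']."cart.itemId = ".$config->dt['files'].".id where ".$mysql['pre']."cart.cookieId = '" . mysql_real_escape_string(GetCartId()) . "' order by ".$config->dt['files'].".name asc");
		if($result !== false)
		{
			while($row = mysql_fetch_array($result))
			{
				$rows[] = $row;
			}
		}
		?>
		<html>
		<head>
		<title>Your Shopping Cart </title>
		<script language="JavaScript">
		
			function UpdateQty(item)
			{
				itemId = item.name;
				newQty = item.options[item.selectedIndex].text;
				if(newQty!=0){
					document.location.href = 'cart.php?action=update_item&id='+itemId+'&qty='+newQty;
				}
				else{
					document.location.href = 'cart.php?action=remove_item&id='+itemId;
				}
			}
		
		</script>
		</head>
		<body bgcolor="#ffffff">
		<h1>Your Shopping Cart</h1>
		<form name="frmCart" method="get">
		<table width="85%" cellspacing="0" cellpadding="0" border="0" align="center">
			<tr>
				<td bgcolor="#CCCCCC">
					<font face="verdana" size="1" color="white">
						&nbsp;&nbsp;<b>Qty</b>
					</font>
				</td>
				<td bgcolor="#CCCCCC">
					<font face="verdana" size="1" color="white">
						<b>Product</b>
					</font>
				</td>
				<td bgcolor="#CCCCCC">
					<font face="verdana" size="1" color="white">
						<b>Price Each</b>
					</font>
				</td>
				<td bgcolor="#CCCCCC">
					<font face="verdana" size="1" color="white">
						<b>Subtotal</b>
					</font>
				</td>
				<td bgcolor="#CCCCCC">
					<font face="verdana" size="1" color="white">
						<b>Remove?</b>
					</font>
				</td>
			</tr>
			<?php
			
			foreach($rows as $row)
			{
				// Increment the total cost of all items
				$totalCost += ($row["qty"] * $row["price"]);
				?>
					<tr>
						<td height="25">
							<font face="verdana" size="1" color="black">
								<select name="<?php echo (int)$row["itemId"]; ?>" onChange="UpdateQty(this)">
								<?php
									// Offer quantities from ten below to ten above the
									// current one, never going below zero.
									$start = max(0, $row["qty"]-10);
									for($i = $start; $i <= ($row["qty"]+10); $i++)
									{
										echo "<option ";
										if($row["qty"] == $i)
										{
											echo " SELECTED ";
										}
										echo ">" . $i . "</option>";
									}
								?>
								</select>
							</font>
						</td>
						<td height="25">
							<font face="verdana" size="1" color="black">
								<?php
									// Stored text is escaped before it reaches the page.
									// A single-byte charset is named because the page
									// declares no encoding; only the ASCII HTML
									// metacharacters are rewritten and every other byte
									// passes through unchanged.
									echo htmlspecialchars($row["name"], ENT_QUOTES, "ISO-8859-1");
								?>
							</font>
						</td>
						<td height="25">
							<font face="verdana" size="1" color="black">
								$<?php echo number_format($row["price"], 2, ".", ","); ?>
							</font>
						</td>
						<td height="25">
							<font face="verdana" size="1" color="black">
								$<?php print number_format(($row["qty"] * $row["price"]), 2, ".", ","); ?>
							</font>
						</td>
						<td height="25">
							<font face="verdana" size="1" color="black">
								<a href="cart.php?action=remove_item&id=<?php echo (int)$row["itemId"]; ?>">Remove</a>
							</font>
						</td>
					</tr>
				<?php
			}
			
			// Display the total
			?>
					<tr>
						<td width="100%" colspan="5">
							<hr size="1" color="black" NOSHADE>
						</td>
					</tr>
					<tr>
						<td width="70%" colspan="3">
							<font face="verdana" size="1" color="black">
								<a href="index.php">&lt;&lt; Keep Shopping</a>
							</font>
						</td>
						<td width="30%" colspan="2">
							<font face="verdana" size="2" color="black">
								<b>Total: $<?php echo number_format($totalCost, 2, ".", ","); ?></b>
							</font>
						</td>
					</tr>
				</table>
				</form>
				
			<form action="order.php" method="post">
				<input type="hidden" name="completed" value="2">
				<?php
				// Build the comma-separated id / quantity / price lists that
				// are posted to order.php, plus the string whose encrypt()
				// value is sent as key2.
				// NOTE(review): prices travel through hidden fields next to
				// encrypt() tokens. order.php is not visible from here, so
				// confirm it rejects a submission whose tokens do not match
				// the posted lists.
				$id_set="";
				$qty_set="";
				$p_set="";
				$k_set="";
				foreach($rows as $row){
					if($id_set!="")$id_set.=",";
					if($qty_set!="")$qty_set.=",";
					if($p_set!="")$p_set.=",";
					if($k_set!="")$k_set.=",";
					$id_set.=$row["itemId"];
					$qty_set.=$row["qty"];
					$p_set.=$row["price"];
					$k_set.=($row["price"].$row['itemId']);
				}
				// Attribute values are escaped on output; the browser decodes
				// them again on submit, so order.php receives the same values.
				?>
				<input type="hidden" name="product_idb" value="<?php print htmlspecialchars($id_set, ENT_QUOTES, "ISO-8859-1"); ?>">
				<input type="hidden" name="product_qty" value="<?php print htmlspecialchars($qty_set, ENT_QUOTES, "ISO-8859-1"); ?>">
				<input type="hidden" name="product_p" value="<?php print htmlspecialchars($p_set, ENT_QUOTES, "ISO-8859-1"); ?>">
				<input type="hidden" name="key" value="<?php print htmlspecialchars(encrypt($p_set), ENT_QUOTES, "ISO-8859-1"); ?>">
				<input type="hidden" name="key2" value="<?php print htmlspecialchars(encrypt($k_set), ENT_QUOTES, "ISO-8859-1"); ?>">
				<input type="submit" value="Checkout --&gt;">
			</form>
			</body>
			</html>
			<?php
	}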

?>